On Sat, 2011-10-29 at 18:42 +0000, Pat wrote:
> Is there a way to detect non-7bit headers such that they can be flagged for > post-queue filtering? Postfix' header_checks (with or without PCRE) would be > ideal > but I'd like to know if this is doable in Spamassassin or Amavisd-new as well. > > Before I get labeled an ASCII bigot the problem is security. Certain smart > phones > are susceptible to viruses and trojans passed via non-ASCII email headers. > Javascript seems to be the language of choice for these exploits but it is > not the > only way to target email clients. The main problem is that no smartphones > are yet > designed with good security. A secondary problem is the sending of non-RFC > compliant 7 bit clean headers. My preferred solution would be tagging for > evaluation but a web search has turned up nothing straightforward. > > Pat > AFAIK amavisd-new is doing bad header checks by default, which can be disabled by @bypass_header_checks_maps.
